wiki.ohea.xyz/gollum
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Merge pull request #264 from github/remove_contents

Browse Source 
remove contents of script and style elements
This commit is contained in:
Corey Donohoe
2012-04-10 15:26:00 -07:00
parent bf8246c705 be4c52202c
commit 26d5abe7a5
2 changed files with 39 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/gollum/sanitization.rb
+13
View File
@@ -55,6 +55,13 @@ module Gollum
end end
end end
# Default elements whose contents will be removed in addition
# to the elements themselve
REMOVE_CONTENTS = [
'script',
'style'
].freeze
# Default transformers to force @id attributes with 'wiki-' prefix # Default transformers to force @id attributes with 'wiki-' prefix
TRANSFORMERS = [ TRANSFORMERS = [
lambda do |env| lambda do |env|
@@ -104,6 +111,10 @@ module Gollum
# Default: {} # Default: {}
attr_reader :add_attributes attr_reader :add_attributes
# Gets an Array of element names whose contents will be removed in addition
# to the elements themselves. Default: REMOVE_CONTENTS
attr_reader :remove_contents
# Sets a boolean determining whether Sanitize allows HTML comments in the # Sets a boolean determining whether Sanitize allows HTML comments in the
# output. Default: false. # output. Default: false.
attr_writer :allow_comments attr_writer :allow_comments
@@ -114,6 +125,7 @@ module Gollum
@protocols = PROTOCOLS @protocols = PROTOCOLS
@transformers = TRANSFORMERS @transformers = TRANSFORMERS
@add_attributes = {} @add_attributes = {}
@remove_contents = REMOVE_CONTENTS
@allow_comments = false @allow_comments = false
@id_prefix = 'wiki-' @id_prefix = 'wiki-'
yield self if block_given? yield self if block_given?
@@ -144,6 +156,7 @@ module Gollum
:attributes => attributes, :attributes => attributes,
:protocols => protocols, :protocols => protocols,
:add_attributes => add_attributes, :add_attributes => add_attributes,
:remove_contents => remove_contents,
:allow_comments => allow_comments?, :allow_comments => allow_comments?,
:transformers => transformers, :transformers => transformers,
:id_prefix => id_prefix :id_prefix => id_prefix
test/test_markup.rb
+12
View File
@@ -459,6 +459,18 @@ np.array([[2,2],[1,3]],np.float)
compare(content, output) compare(content, output)
end end
test "removes style blocks completely" do
content = "<style>body { color: red }</style>foobar"
output = "<p>foobar</p>"
compare(content, output)
end
test "removes script blocks completely" do
content = "<script>alert('hax');</script>foobar"
output = "<p>foobar</p>"
compare(content, output)
end
test "escaped wiki link" do test "escaped wiki link" do
content = "a '[[Foo]], b" content = "a '[[Foo]], b"
output = "<p>a [[Foo]], b</p>" output = "<p>a [[Foo]], b</p>"